Index: net/data/ssl/certificates/openssl_cert.cnf |
diff --git a/net/data/ssl/certificates/openssl_cert.cnf b/net/data/ssl/certificates/openssl_cert.cnf |
new file mode 100644 |
index 0000000000000000000000000000000000000000..f6a5b8b179b5f29c63bd95f2cd982083449196be |
--- /dev/null |
+++ b/net/data/ssl/certificates/openssl_cert.cnf |
@@ -0,0 +1,23 @@ |
+# The default configuration to use when requesting a certificate to be used |
+# as the server test certificate, whether OK or expired. |
+[req] |
+# Common configuration for all requests |
+default_bits = 1024 |
+default_md = sha1 |
+string_mask = utf8only |
+prompt = no |
+encrypt_key = no |
+distinguished_name = req_dn |
+req_extensions = req_extensions |
+ |
+[req_dn] |
+C = US |
+ST = California |
+L = Mountain View |
+O = Test CA |
+# TODO(wtc): Deprecate de facto, but not de jure, matching of iPAddress in |
wtc
2010/12/08 19:58:22
Are you sure? I think we can put
CN = Test Serv
Ryan Sleevi
2010/12/09 05:49:55
I've updated the comment to reflect the two open b
|
+# the commonName field |
+CN = 127.0.0.1 |
+ |
+[req_extensions] |
+subjectAltName = IP:127.0.0.1 |